40% of Malicious URLs Were Found on Good Domains

Help Net Security shared an interesting statistic from the 2019 Webroot Threat Report. 40 percent of malicious URLs were found on good domains. Legitimate websites are frequently compromised to host malicious content.

To protect users, cybersecurity solutions need URL-level visibility or, when unavailable, domain-level metrics, that accurately represent the dangers.
The report also found that while Google was the single most impersonated brand in phishing, 77% of all phishing attacks impersonated financial institutions. (The good news? After 12 months of security awareness training, end users were 70% less likely to fall for phishing attacks.)

And Windows 10 devices were "at least twice as secure as those running Windows 7. Webroot has seen a relatively steady decline in malware on Windows 10 machines for both consumer and business."

hosts file

[K.+S.+Kyosuke]

But I'm pretty sure a hosts file will protect you from all that...

Re:hosts file

[Freshly+Exhumed]

Unless I take the list of evil URLs and make my boss's hosts file point everything at them. Naw, I'd *never* do such a thing.

First HOSTS!

Bazinga

slow news day?

What's wrong with cats videos?

No mention of Linux at all

My guess is Linux is even more secure than Windows 10 by their methodologies. But we will never know because the linked PDF doesn't mention it.

I suppose it is worth pointing out the irony of distributing a document about online security via PDF.

Re:No mention of Linux at all

"my guess is Linux is even more secure than Windows 10" - Check out the big brain on Brad!

Re:No mention of Linux at all

You know, sarcasm feels fun, and insulting random people on the Internet can produce a feeling of satisfaction as well. But these short-term rewards have a long-term cost. They condition the mind to automatically and perpetually respond to everything with something negative and mean-spirited. This can have harmful effects on one's mental health and social life.

Since you are smart enough to come to this site and make a cogent post, you are probably smart enough to succeed and accomplish meaningful achievements in your life. But you will have to apply yourself.

  One way to start would be to look for opportunities to meaningfully contribute to online dialogues, rather than just fling mud.

Re:No mention of Linux at all

So, explain to me how quoting Pulp Fiction in response to a light-hearted (but extremely obvious) comment like "Linux is even more secure than Windows 10" is somehow either sarcasm or an insult? Everyone should respond that way.

It's obvious. Malware is written for Windows more than anything else. My mental health has always been my achilles heel, according to anonymous faggots on the internet who don't know me, but socially I've never been better.

"Meaningfully contributing to online dialogues" - I do, I just did. When I fling mud believe me, you're going to need to roll up your fucking windows, snowflake.

Re:No mention of Linux at all

So, explain to me...

You actually need sarcasm explained to you? Are you so steeped in it that you can't recognize it anymore? Well, here goes...

Definition of sarcasm: a sharp and often satirical or ironic utterance designed to cut or give pain.

Definition of irony: the use of words to express something other than and especially the opposite of the literal meaning.

So, you (or whoever it may have been) posted "Check out the big brain on Brad!" The literal meaning of this is that the OP has a large brain, and that you are impressed by it. This is a way of saying that one is very intelligent, and that you are impressed by this intelligence. Of course, you meant the exact opposite, as you re-affirmed in your prior post when you called it obvious. So, you used words to express the opposite of their literal meaning. This qualifies as sarcasm by the definitions given above.

The fact that this is also a quote from Pulp Fiction has no relevance.

I hope that helps. You clearly need some.

Correlation, Causation? No details at all?

"Devices that use Windows 10 are at least twice as secure as those running Windows 7. Webroot has seen a relatively steady decline in malware on Windows 10 machines for both consumer and business."

Without any specific details about why that might be it's a useless metric.

Re:Correlation, Causation? No details at all?

And I even checked the PDF, that literally is the extent of as much as they talk about the 7 - 10 split. That two sentences is it! "In 2017, 93% of malware was unique" - Now THAT is an interesting tidbit all by itself.

A big % of this stems from SMB by itself.

SMB was the vector in the most widespread worm activity which caused the majority of the damage. So that's been addressed but hardly "fixed" in 10.

A lot of the trends they're noticing that seem to point to 10 being "more secure" are more likely IMO to be "Malware writers tend to target low-lying fruit they already can with existing code" rather than "Windows 10 has secure network stacks"

Re:Correlation, Causation? No details at all?

[phantomfive]

Then there's this lovely quote:

After 12 months of security awareness training, end users are 70 percent less likely to fall for a phishing attempt.

If I'd spent 12 months training users, and only saw a 70% reduction(?), I would not be bragging about my course. I would be revamping my curriculum to figure out where I went wrong.

Kill All The Good Domains!

Kill all the good domains. Then the problem will be reduced by 40%!

Think of the children for fuck's sake!

Re:Correlation, Causation? No details at all?

Some people never learn, it's a big-big problem.

Re:Correlation, Causation? No details at all?

[TechyImmigrant]

Where I work, they send out fake phishing emails and provide a 'report phish' button in Outlook. Reporting real ones trains the system on what to filter and failing to report fake ones trains I.T. on who needs training.

This seems pretty effective and targeted.

It DOES & minus wildcard false positives

See subject & https://it.slashdot.org/commen...

* Funny YOU of all "people" (fake name) say what you did - you've always FAILED to take me on & you always LOSE to me on hosts!

APK

P.S.=> Perhaps, only NOW, do you "see the light" of FACT & TRUTH vs. your past bullshit... apk

BEST HOSTS

BEST HOSTS https://it.slashdot.org/commen... thanks APK. This point's a final nail in your naysayer's coffins.

holy grokparsefailure

prease2lrn2engrish.

grokparsefailure.

Re:holy grokparsefailure

Speak for yourself. Learn to read and write you illiterate dunce trying to post bury what actually works and why.

Thanks & quoting Queensryche... apk

I stop "the way society, keeps SPREADING THE DISEASE..." via hosts stopping it spreading (keeping your fellow man safe's a "civic duty" of sorts imo, like vs. plagues).

APK

P.S.=> Great tune for those of you that don't KNOW that band (that album is awesome)... apk

Easier for Appdows 10 to be secure

...because it only runs worthless apps, not real software.

Re:It's WHY wildcarding = false positives

As I stated earlier above: Thanks APK. This point's a final nail in your naysayer's coffins.

Browsers

[Cmdln+Daco]

Browsers need URL level visibility. Anything that obscures the URL in the browser should be fixed. Mouse-over should always display what is about to be clicked.

Re:Browsers

[Rosco+P.+Coltrane]

Does that include all the shit loaded behind the scene by javascript?

It's gonna be a mighty long list of URLs to read through for every page...

It's WHY wildcarding = false positives

It's WHY wildcarding = false positives + w/ DNS wildcard use & DNS redirect poisoning US DHS issues DNS redirect is HUGE danger (not w/ hosts vs.) https://threatpost.com/gov-war... & ICANN ISSUES SAME WARNING https://tech.slashdot.org/stor...

* I beat that WITH SPECIFIC host-domain names (even subdomains) vs. even DGA types like Locky or Necurs etc.:

DGA tracker e.g. #1: https://www.forcepoint.com/blo...

DGA tracker e.g. #2 https://www.forcepoint.com/blo...

APK

P.S.=> For the best hosts file multiplatform:

APK Hosts File Engine 2.0++ 64-bit for Linux h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p (remove spaces between chars & download)

APK Hosts File Engine 10++ SR-1 32/64-bit for Windows https://hosts-file.net/?s=Down... (DL link @ bottom)

Soon for MacOS too (I just got a NEW Mac-Mini to port it there)... apk

it's easy to filter most of them

[WoodstockJeff]

If the link matches this REGEX, it's almost certainly for a compromised site: /\/wp-(includes|content)\/(images|uploads?|themes|plugins|cache)\//

Whatever claims and advances WordPress makes in the realm of security, it is FAR too easy for people to configure it a way to store malware, and redirections to same. Any "deep linking" to one suspicious at best.

Of course, if a link uses a "shortened URL", its probability of legitimacy is rather low, too.

Re:it's easy to filter most of them

[Obfuscant]

Of course, if a link uses a "shortened URL", its probability of legitimacy is rather low, too.

Wonderful story. Our local UNI has decided that too many people click on phishing emails and hand over their login details, so ALL must start using 2FA.

The URL they distributed to provide information about this new requirement was 1. a shortened URL, 2. from a ccTLD that has no connection at all with the UNI, and 3. misspells the name of the UNI's animal mascot so it fits with the ccTLD.

In other words, if an email from my university contains a shortened URL that misspells the mascot and comes out of a country on the other side of the planet, it is actually REAL. And the UNI IT people blame the employees for falling for phishing attacks.

Turn off Web Pages over SMTP

Interestingly, disabling the "Web Pages over SMTP" capability of the e-mail client and displaying all messages in plain text resulted in 99.999% protection against phishing the femtosecond after the "read all e-mail including encrypted and signed email in plain text" was turned on, and required no training (other than instruction to navigate the 5,000 clicks necessary to disable the dodgy non-plain-text rendering options).

Just saying ...

My win 7 computer is way more secure than win 10,

It never connects to the internet so MS can't fuck it up.

Hosts files do it (faster vs. NoScript)

Hosts files do it (faster vs. NoScript parse for script src tags in slow usermode vs. hosts in kernelmode operating BEFORE it can).

* Besides - ALL addons are EASILY detected for (& blocked IF a webmaster wishes) via native browser methods - can't DO that to hosts, period...

APK

P.S.=> For the best hosts file multiplatform:

APK Hosts File Engine 2.0++ 64-bit for Linux h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p (remove spaces between chars & download)

APK Hosts File Engine 10++ SR-1 32/64-bit for Windows https://hosts-file.net/?s=Down... (DL link @ bottom)

Soon for MacOS too (I just got a NEW Mac-Mini to port it there)... apk

I know it is, lol... apk

I know it is, lol - & all they can do, in vain, is try "downmod hide" my posts that BLOW THEM AWAY as always (or stalk me by unidentifiable anonymous posts like the STUPID dull witted defective worms & DEFICIENTS (lmao - thanks gweihir) they are... lol!).

* JUST LIKE THEY TRIED TO DO TO HIDE WHAT YOU REPLIED TO & WHY? It's FACT - the 1 thing that DESTROYS THEM by letting THEM destroy themselves (white mice are easy to outsmart).

APK

P.S.=> This IS the FINAL NAIL in their dim brain coffins (the sooner they DIE & quit stealing our air/food/water WASTED on such lowlifes, the better).,. apk

Re:Correlation, Causation? No details at all?

Change "Windows 10 are at least twice as secure as those running Windows 7" to "Linux is at least twice as secure as those running Windows 7" and I doubt you would be asking for any specific details. There is no amount of details that would make you change your opinion.

The problem today is people define themselves by what they "hate". And "hate" smothers logic, eliminates compromise, and eliminates common sense. We working diligently to destroy every facet of a civilized society while making it impossible to address the many problems we face today. We don't fix problems we only argue amongst one another and winning the argument is the only goal where the ends justify the means.

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Please enjoy my MacOS version, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Re:Please enjoy my MacOS version, too... apk

[IwantaWaffleIron]

I truly believe slashdot should auto-ban any user who makes a comment with the string " apk" in it. Just look at the fucking spam all over this page. jesus christ.

Re:Please enjoy my MacOS version, too... apk

Apk fucked you up so bad you can't deny what he illlustrated technically https://it.slashdot.org/commen... and you hold your puny cock in your hand saying that?

Please enjoy my MacOS version, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

My work is now available on MacOS, too! apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lmao!

APK

P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it (out of "butthurt angst") as I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it (out of YOUR "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it though (out of YOUR "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it (out of your "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE again https://tech.slashdot.org/comm... ... apk

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

An ad company

[AHuxley]

and social media company is a good domain?

Re:Correlation, Causation? No details at all?

Apk trained all of you slashdot losers https://it.slashdot.org/commen... shutting you the fuck up wannabes. Why is that? Hehehehehehe

Re:Correlation, Causation? No details at all?

Apk is light years ahead of /. noobz in skill, as anonymous they are mostly whipslash (like Assange admits in the 5th Estate film). Apk made that punk look like shit absolutely dominating him as he said he would ban apk. Really? The link in the post I reply to shows otherwise. Hahahahaha!

Re:Correlation, Causation? No details at all?

[DarkOx]

Taking this a bit further; It underscores why awareness training is really a waste of time at this point. I am not personally involved it it but its one of the services the firm I work at provides to some clients.

There are basically two kinds of computer users at this point. Those who are pretty savvy and won't be easily phished period. The other group is simply untrainable. They will never learn not to be scammed because they are one of the following: stupid (sometimes it really is that simple), proud (being do this to long to lean anything from a CBT attitude / I am to important for this), affected by perverse incentives (sure there is a 99.9% chance this is scam but I am in sales and if I it is a client it might mean a commission for me, if it blows up my computer or gets the company hacked which is way more likely that is other peoples problems).

The fact is at this point there are a lot of phishes that are in fact really good. They are highly targeted, domain fronting is used to make sure no spam filters or firewalls classify the source domain as malicious, it only send malicious content when accessed by they target. The content is tarred to the specific person or organization. Its well researched, includes lots of facts an insider would know but were likely discovered by social media and other opsec leaks. They have borrowed the companies presentation style by cloning press releases etc so it looks like it came from your marketing department. These would fool literally anyone and there is NOTHING you can teach in a click thru awareness program that would allow someone to spot these. Eventually to get something to run at some point they will have hit a OS/mail client/browser generated prompt. However they author will have taken great care to make sure the every aspect of the text they can control on that prompt looks as legit as possible. Even the the point of taking advantage of vulnerabilities in the software around look-a-like unicode characters on certificate orgs end users can't distinguish etc. Oh teach them never to click those pop-up prompts from anything that originated from an external source....ugh good luck with that as soon as HR decides to engage an outside payroll processor or benefits management firm..

Basically you have to have effective technical controls on this one. DLP, EDR software, isolated client networks using tools like ISE to control access to other resources, solid least privilege implementation both on clients and network resources, outbound SSL/TLS proxying (without exception), defenses against lateral movement like unique administrative and support passwords and client isolation on networks. This is the only answer that might save a larger organization for a targeted phishing campaign. In 2019 user training is a wasted effort.

APK stop conversing with yourself

APK stop conversing with yourself.

How is that good news?

30% of your employees will fall for Phishing attacks even with training. That is really bad news.

Re:Correlation, Causation? No details at all?

I always like to put in the report that I was pretty sure this phishing email was a test, as it checked almost all the boxes of what to expect from a phishing email.

It's WHY wildcarding = false positives

It's WHY wildcarding = false positives + w/ DNS wildcard use & DNS redirect poisoning US DHS issues DNS redirect is HUGE danger (not w/ hosts hardcoded favorite sites my program does vs.) https://threatpost.com/gov-war... & ICANN ISSUES SAME WARNING https://tech.slashdot.org/stor...

* I beat that WITH SPECIFIC host-domain names (even subdomains) vs. even DGA types like Locky or Necurs etc.:

DGA tracker e.g. #1: https://www.forcepoint.com/blo...

DGA tracker e.g. #2 https://www.forcepoint.com/blo...

APK

P.S.=> For the best hosts file multiplatform:

APK Hosts File Engine 2.0++ 64-bit for Linux h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p (remove spaces between chars & download)

APK Hosts File Engine 10++ SR-1 32/64-bit for Windows https://hosts-file.net/?s=Down... (DL link @ bottom)

Soon 4 MacOS (I just got a NEW Mac-Mini to port it there)... apk

Stop impersonating apk loser

You are caught impersonating apk. He says you are doing nothing but lying since he has no MacOS model ready https://it.slashdot.org/commen...

Small business websites probably host 90% of it

The average restaurant or small business web page (plumbers, etc) are the real garbage on the internet as they get built by a one time contract and then left unattended, not updated, for a decade+.

My MacOS version is available now, too... apk

See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 MacOS!

(Better vs. Windows model in speed/efficiency)

APK

P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

Still IMPERSONATING me JEALOUS "Lil' Jowie"?

MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

HILARIOUS u ADMIT u have a /. acct & STALK me by UNIDENTIFIABLE ac https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

See subject & that's the "best ya got"? It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

Instead of WASTING your life STALKING me by UNIDENTIFIABLE anonymous posts OR IMPERSONATING me (since you WISH you were me)? Make a Wheel https://isc.sans.edu/forums/di... as I have that gives users more speed/security/reliability & anonymity NATIVELY doing more for less vs. ANY single 'solution' out there!

* LASTLY - the ONLY time you start IMPERSONATING me vs. STALKING me by UNIDENTIFIABLE anon posts is WHEN YOU ARE OUT OF "downmodpoints" I can easily NULLIFY by REPOSTING my posts RUNNING YOU DRY of them after you ABUSE them - I must've already, lol!

APK

P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again https://tech.slashdot.org/comm... ... apk

It's WHY wildcarding = false positives

It's WHY wildcarding = false positives + w/ DNS wildcard use & DNS redirect poisoning US DHS issues DNS redirect is HUGE danger (not w/ hosts vs.) https://threatpost.com/gov-war... & ICANN ISSUES SAME WARNING https://tech.slashdot.org/stor...

* I beat that WITH SPECIFIC host-domain names (even subdomains) vs. even DGA types like Locky or Necurs etc.:

DGA tracker e.g. #1: https://www.forcepoint.com/blo...

DGA tracker e.g. #2 https://www.forcepoint.com/blo...

APK

P.S.=> For the best hosts file multiplatform:

APK Hosts File Engine 2.0++ 64-bit for Linux h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r L i n u x . z i p (remove spaces between chars & download)

APK Hosts File Engine 10++ SR-1 32/64-bit for Windows https://hosts-file.net/?s=Down... (DL link @ bottom)

Soon for MacOS too (I just got a NEW Mac-Mini to port it there)... apk

Re:Correlation, Causation? No details at all?

[Chelloveck]

Where I work they send out fake phishing emails which include an X-PHISHTEST header, making it trivial to write a filter to bin them automatically.

Re:Correlation, Causation? No details at all?

[phantomfive]

My own personal strategy is to never click on any link I get in email.